Class: AWSCDK::AppSync::AppSyncOpenIdConnectConfig
- Inherits:
-
Jsii::Struct
- Object
- Jsii::Struct
- AWSCDK::AppSync::AppSyncOpenIdConnectConfig
- Defined in:
- app_sync/app_sync_open_id_connect_config.rb
Overview
Configuration for OpenID Connect authorization in AppSync.
Instance Attribute Summary collapse
-
#client_id ⇒ String?
readonly
The client identifier of the Relying party at the OpenID identity provider.
-
#oidc_provider ⇒ String
readonly
The issuer for the OIDC configuration.
-
#token_expiry_from_auth ⇒ Numeric?
readonly
The number of milliseconds an OIDC token is valid after being authenticated by OIDC provider.
-
#token_expiry_from_issue ⇒ Numeric?
readonly
The number of milliseconds an OIDC token is valid after being issued to a user.
Class Method Summary collapse
Instance Method Summary collapse
-
#initialize(oidc_provider:, client_id: nil, token_expiry_from_auth: nil, token_expiry_from_issue: nil) ⇒ AppSyncOpenIdConnectConfig
constructor
A new instance of AppSyncOpenIdConnectConfig.
- #to_jsii ⇒ Object
Constructor Details
#initialize(oidc_provider:, client_id: nil, token_expiry_from_auth: nil, token_expiry_from_issue: nil) ⇒ AppSyncOpenIdConnectConfig
Returns a new instance of AppSyncOpenIdConnectConfig.
11 12 13 14 15 16 17 18 19 20 |
# File 'app_sync/app_sync_open_id_connect_config.rb', line 11 def initialize(oidc_provider:, client_id: nil, token_expiry_from_auth: nil, token_expiry_from_issue: nil) @oidc_provider = oidc_provider Jsii::Type.check_type(@oidc_provider, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "oidcProvider") @client_id = client_id Jsii::Type.check_type(@client_id, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "clientId") unless @client_id.nil? @token_expiry_from_auth = token_expiry_from_auth Jsii::Type.check_type(@token_expiry_from_auth, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJudW1iZXIifQ==")), "tokenExpiryFromAuth") unless @token_expiry_from_auth.nil? @token_expiry_from_issue = token_expiry_from_issue Jsii::Type.check_type(@token_expiry_from_issue, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJudW1iZXIifQ==")), "tokenExpiryFromIssue") unless @token_expiry_from_issue.nil? end |
Instance Attribute Details
#client_id ⇒ String? (readonly)
Default: - * (All)
The client identifier of the Relying party at the OpenID identity provider.
A regular expression can be specified so AppSync can validate against multiple client identifiers at a time.
36 37 38 |
# File 'app_sync/app_sync_open_id_connect_config.rb', line 36 def client_id @client_id end |
#oidc_provider ⇒ String (readonly)
The issuer for the OIDC configuration.
The issuer returned by discovery must exactly match the value of iss in the OIDC token.
27 28 29 |
# File 'app_sync/app_sync_open_id_connect_config.rb', line 27 def oidc_provider @oidc_provider end |
#token_expiry_from_auth ⇒ Numeric? (readonly)
Default: - no validation
The number of milliseconds an OIDC token is valid after being authenticated by OIDC provider.
auth_time claim in OIDC token is required for this validation to work.
43 44 45 |
# File 'app_sync/app_sync_open_id_connect_config.rb', line 43 def token_expiry_from_auth @token_expiry_from_auth end |
#token_expiry_from_issue ⇒ Numeric? (readonly)
Default: - no validation
The number of milliseconds an OIDC token is valid after being issued to a user.
This validation uses iat claim of OIDC token.
50 51 52 |
# File 'app_sync/app_sync_open_id_connect_config.rb', line 50 def token_expiry_from_issue @token_expiry_from_issue end |
Class Method Details
.jsii_properties ⇒ Object
52 53 54 55 56 57 58 59 |
# File 'app_sync/app_sync_open_id_connect_config.rb', line 52 def self.jsii_properties { :oidc_provider => "oidcProvider", :client_id => "clientId", :token_expiry_from_auth => "tokenExpiryFromAuth", :token_expiry_from_issue => "tokenExpiryFromIssue", } end |
Instance Method Details
#to_jsii ⇒ Object
61 62 63 64 65 66 67 68 69 70 |
# File 'app_sync/app_sync_open_id_connect_config.rb', line 61 def to_jsii result = {} result.merge!({ "oidcProvider" => @oidc_provider, "clientId" => @client_id, "tokenExpiryFromAuth" => @token_expiry_from_auth, "tokenExpiryFromIssue" => @token_expiry_from_issue, }) result.compact end |